Iranian state-sponsored cyberwarfare is indistinguishable from script kiddies

[Peter Gutmann]

The original source of the info about the hack has now posted the private key
corresponding to one of the bogus certs at http://pastebin.com/X8znzPWH.  The
public-key components are identical, haven't verified that the private key
matches yet, but I'm going to guess it will.

So a global CA wasn't 0wned by a nation-state cyberwar agency but by a random
script kiddie having some fun.  Oh the embarassment :-).

Peter.